Static task
static1
General
Target
53a43f21f8e3a2966f55f0ee0a94c6b5
Size
27KB
MD5
53a43f21f8e3a2966f55f0ee0a94c6b5
SHA1
3a809a6f64a528e42007c6fc791abdaee47b6a3c
SHA256
758e062ac101df321cc868868309cd85aba778f38954cfb87441e6cccda1828d
SHA512
028bb4390dea41806b8ecebc3334b3a34abdc331564230a797f4037816d98e6f0036293896ffd1406386a13a812784b2026f9fda56620cb7e5ace068028a0a0b
SSDEEP
384:8L1FxKREtt8o8sbKERzm29kkzuwOpann3g8ykx3ng4xS4OT98iOqoIVZGmTslzMa:+0EJKx2X3xOWmZGDRMa
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 53a43f21f8e3a2966f55f0ee0a94c6b5
Files
53a43f21f8e3a2966f55f0ee0a94c6b5.sys windows:5 windows x86 arch:x86
7dc6eb98d2d8582c5ba575b1685c5d8c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
ZwQuerySystemInformation
RtlInitString
RtlCompareString
ZwQueryInformationFile
ZwReadFile
DbgPrint
_stricmp
ZwCreateFile
ObReferenceObjectByHandle
ZwClose
ObfDereferenceObject
KeInitializeEvent
KeSetEvent
_allmul
KeQueryTimeIncrement
KeTickCount
InterlockedDecrement
ExDeleteNPagedLookasideList
InterlockedIncrement
ExFreePool
ExAllocatePoolWithTag
MmMapLockedPagesSpecifyCache
KeResetEvent
KeWaitForSingleObject
IofCompleteRequest
IoCreateDevice
IoCreateSymbolicLink
IoDeleteDevice
IoDeleteSymbolicLink
ExInterlockedPopEntrySList
ExInterlockedPushEntrySList
MmMapLockedPages
MmUnmapLockedPages
MmBuildMdlForNonPagedPool
IoFreeMdl
ExInitializeNPagedLookasideList
PsGetVersion
KeInitializeSpinLock
RtlInitUnicodeString
hal
KfReleaseSpinLock
KfAcquireSpinLock
ndis.sys
NdisFreeMemory
NdisReturnPackets
NdisAllocatePacket
NdisIMCopySendPerPacketInfo
NdisIMGetDeviceContext
NdisMSetAttributesEx
NdisPacketPoolUsage
NdisMSleep
NdisReEnumerateProtocolBindings
NdisGetReceivedPacket
NdisDprAllocatePacket
NdisAllocateBuffer
NdisUnchainBufferAtFront
NdisFreePacket
NdisIMCopySendCompletePerPacketInfo
NdisDprFreePacket
NdisDeregisterProtocol
NdisIMCancelInitializeDeviceInstance
NdisSetTimer
NdisResetEvent
NdisSetEvent
NdisOpenProtocolConfiguration
NdisReadConfiguration
NdisAllocateMemoryWithTag
NdisInitializeEvent
NdisAllocatePacketPoolEx
NdisAllocateBufferPool
NdisWaitEvent
NdisOpenAdapter
NdisIMInitializeDeviceInstanceEx
NdisCloseConfiguration
NdisCloseAdapter
NdisFreePacketPool
NdisFreeBufferPool
NdisInitializeWrapper
NdisIMRegisterLayeredMiniport
NdisMRegisterUnloadHandler
NdisInitializeTimer
NdisIMDeInitializeDeviceInstance
NdisIMAssociateMiniport
NdisRegisterProtocol
Sections
.text Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 448B - Virtual size: 436B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 192B - Virtual size: 172B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 1008B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ